diff --git a/api/tasks.go b/api/tasks.go index b582a7059..25bf56206 100644 --- a/api/tasks.go +++ b/api/tasks.go @@ -931,6 +931,7 @@ type Vault struct { Policies []string `hcl:"policies,optional"` Role string `hcl:"role,optional"` Namespace *string `mapstructure:"namespace" hcl:"namespace,optional"` + Cluster string `hcl:"cluster,optional"` Env *bool `hcl:"env,optional"` DisableFile *bool `mapstructure:"disable_file" hcl:"disable_file,optional"` ChangeMode *string `mapstructure:"change_mode" hcl:"change_mode,optional"` @@ -947,6 +948,9 @@ func (v *Vault) Canonicalize() { if v.Namespace == nil { v.Namespace = pointerOf("") } + if v.Cluster == "" { + v.Cluster = "default" + } if v.ChangeMode == nil { v.ChangeMode = pointerOf("restart") } diff --git a/api/tasks_test.go b/api/tasks_test.go index 231993906..4ef815a5a 100644 --- a/api/tasks_test.go +++ b/api/tasks_test.go @@ -462,6 +462,7 @@ func TestTask_Canonicalize_Vault(t *testing.T) { Env: pointerOf(true), DisableFile: pointerOf(false), Namespace: pointerOf(""), + Cluster: "default", ChangeMode: pointerOf("restart"), ChangeSignal: pointerOf("SIGHUP"), }, diff --git a/command/agent/job_endpoint.go b/command/agent/job_endpoint.go index 0777baa58..e26825230 100644 --- a/command/agent/job_endpoint.go +++ b/command/agent/job_endpoint.go @@ -1292,6 +1292,7 @@ func ApiTaskToStructsTask(job *structs.Job, group *structs.TaskGroup, Role: apiTask.Vault.Role, Policies: apiTask.Vault.Policies, Namespace: *apiTask.Vault.Namespace, + Cluster: apiTask.Vault.Cluster, Env: *apiTask.Vault.Env, DisableFile: *apiTask.Vault.DisableFile, ChangeMode: *apiTask.Vault.ChangeMode, diff --git a/command/agent/job_endpoint_test.go b/command/agent/job_endpoint_test.go index 9767ee461..8f6c19d22 100644 --- a/command/agent/job_endpoint_test.go +++ b/command/agent/job_endpoint_test.go @@ -3214,6 +3214,7 @@ func TestJobs_ApiJobToStructsJob(t *testing.T) { Vault: &structs.Vault{ Role: "nomad-task", Namespace: "ns1", + Cluster: "default", Policies: []string{"a", "b", "c"}, Env: true, DisableFile: false, diff --git a/nomad/structs/diff_test.go b/nomad/structs/diff_test.go index 4833e8971..138f7e470 100644 --- a/nomad/structs/diff_test.go +++ b/nomad/structs/diff_test.go @@ -7693,6 +7693,7 @@ func TestTaskDiff(t *testing.T) { Vault: &Vault{ Role: "nomad-task", Namespace: "ns1", + Cluster: "default", Policies: []string{"foo", "bar"}, Env: true, DisableFile: true, @@ -7704,6 +7705,7 @@ func TestTaskDiff(t *testing.T) { Vault: &Vault{ Role: "nomad-task", Namespace: "ns1", + Cluster: "default", Policies: []string{"bar", "baz"}, Env: true, DisableFile: true, @@ -7730,6 +7732,12 @@ func TestTaskDiff(t *testing.T) { Old: "SIGUSR1", New: "SIGUSR1", }, + { + Type: DiffTypeNone, + Name: "Cluster", + Old: "default", + New: "default", + }, { Type: DiffTypeNone, Name: "DisableFile", diff --git a/nomad/structs/structs.go b/nomad/structs/structs.go index d9c12bcd1..387bef27a 100644 --- a/nomad/structs/structs.go +++ b/nomad/structs/structs.go @@ -9858,6 +9858,9 @@ type Vault struct { // Namespace is the vault namespace that should be used. Namespace string + // Cluster (by name) to send API requests to + Cluster string + // Env marks whether the Vault Token should be exposed as an environment // variable Env bool @@ -9886,6 +9889,8 @@ func (v *Vault) Equal(o *Vault) bool { return false case v.Namespace != o.Namespace: return false + case v.Cluster != o.Cluster: + return false case v.Env != o.Env: return false case v.DisableFile != o.DisableFile: